robin.thoni
/
ipxe
Watch 1
Star 0
Fork 0
Code Issues 0 Pull Requests 0 Releases 11 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
4076 Commits
2 Branches
Tree: 196751ce95
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '196751ce95'
${ noResults }
ipxe/src/core/image.c

image.c 10KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439 
  1. /*

  2.  * Copyright (C) 2006 Michael Brown <mbrown@fensystems.co.uk>.

  3.  *

  4.  * This program is free software; you can redistribute it and/or

  5.  * modify it under the terms of the GNU General Public License as

  6.  * published by the Free Software Foundation; either version 2 of the

  7.  * License, or any later version.

  8.  *

  9.  * This program is distributed in the hope that it will be useful, but

  10.  * WITHOUT ANY WARRANTY; without even the implied warranty of

  11.  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU

  12.  * General Public License for more details.

  13.  *

  14.  * You should have received a copy of the GNU General Public License

  15.  * along with this program; if not, write to the Free Software

  16.  * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.

  17.  */

  18. 

  19. FILE_LICENCE ( GPL2_OR_LATER );

  20. 

  21. #include <stddef.h>

  22. #include <string.h>

  23. #include <stdlib.h>

  24. #include <stdio.h>

  25. #include <errno.h>

  26. #include <assert.h>

  27. #include <libgen.h>

  28. #include <syslog.h>

  29. #include <ipxe/list.h>

  30. #include <ipxe/umalloc.h>

  31. #include <ipxe/uri.h>

  32. #include <ipxe/image.h>

  33. 

  34. /** @file

  35.  *

  36.  * Executable images

  37.  *

  38.  */

  39. 

  40. /* Disambiguate the various error causes */

  41. #define EACCES_UNTRUSTED \

  42. 	__einfo_error ( EINFO_EACCES_UNTRUSTED )

  43. #define EINFO_EACCES_UNTRUSTED \

  44. 	__einfo_uniqify ( EINFO_EACCES, 0x01, "Untrusted image" )

  45. #define EACCES_PERMANENT \

  46. 	__einfo_error ( EINFO_EACCES_PERMANENT )

  47. #define EINFO_EACCES_PERMANENT \

  48. 	__einfo_uniqify ( EINFO_EACCES, 0x02, "Trust requirement is permanent" )

  49. 

  50. /** List of registered images */

  51. struct list_head images = LIST_HEAD_INIT ( images );

  52. 

  53. /** Currently-executing image */

  54. struct image *current_image;

  55. 

  56. /** Current image trust requirement */

  57. static int require_trusted_images = 0;

  58. 

  59. /** Prevent changes to image trust requirement */

  60. static int require_trusted_images_permanent = 0;

  61. 

  62. /**

  63.  * Free executable image

  64.  *

  65.  * @v refcnt		Reference counter

  66.  */

  67. static void free_image ( struct refcnt *refcnt ) {

  68. 	struct image *image = container_of ( refcnt, struct image, refcnt );

  69. 

  70. 	DBGC ( image, "IMAGE %s freed\n", image->name );

  71. 	free ( image->name );

  72. 	free ( image->cmdline );

  73. 	uri_put ( image->uri );

  74. 	ufree ( image->data );

  75. 	image_put ( image->replacement );

  76. 	free ( image );

  77. }

  78. 

  79. /**

  80.  * Allocate executable image

  81.  *

  82.  * @v uri		URI, or NULL

  83.  * @ret image		Executable image

  84.  */

  85. struct image * alloc_image ( struct uri *uri ) {

  86. 	const char *name;

  87. 	struct image *image;

  88. 	int rc;

  89. 

  90. 	/* Allocate image */

  91. 	image = zalloc ( sizeof ( *image ) );

  92. 	if ( ! image )

  93. 		goto err_alloc;

  94. 

  95. 	/* Initialise image */

  96. 	ref_init ( &image->refcnt, free_image );

  97. 	if ( uri ) {

  98. 		image->uri = uri_get ( uri );

  99. 		name = basename ( ( char * ) uri->path );

  100. 		if ( ( rc = image_set_name ( image, name ) ) != 0 )

  101. 			goto err_set_name;

  102. 	}

  103. 

  104. 	return image;

  105. 

  106.  err_set_name:

  107. 	image_put ( image );

  108.  err_alloc:

  109. 	return NULL;

  110. }

  111. 

  112. /**

  113.  * Set image name

  114.  *

  115.  * @v image		Image

  116.  * @v name		New image name

  117.  * @ret rc		Return status code

  118.  */

  119. int image_set_name ( struct image *image, const char *name ) {

  120. 	char *name_copy;

  121. 

  122. 	/* Duplicate name */

  123. 	name_copy = strdup ( name );

  124. 	if ( ! name_copy )

  125. 		return -ENOMEM;

  126. 

  127. 	/* Replace existing name */

  128. 	free ( image->name );

  129. 	image->name = name_copy;

  130. 

  131. 	return 0;

  132. }

  133. 

  134. /**

  135.  * Set image command line

  136.  *

  137.  * @v image		Image

  138.  * @v cmdline		New image command line, or NULL

  139.  * @ret rc		Return status code

  140.  */

  141. int image_set_cmdline ( struct image *image, const char *cmdline ) {

  142. 

  143. 	free ( image->cmdline );

  144. 	image->cmdline = NULL;

  145. 	if ( cmdline ) {

  146. 		image->cmdline = strdup ( cmdline );

  147. 		if ( ! image->cmdline )

  148. 			return -ENOMEM;

  149. 	}

  150. 	return 0;

  151. }

  152. 

  153. /**

  154.  * Register executable image

  155.  *

  156.  * @v image		Executable image

  157.  * @ret rc		Return status code

  158.  */

  159. int register_image ( struct image *image ) {

  160. 	static unsigned int imgindex = 0;

  161. 	char name[8]; /* "imgXXXX" */

  162. 	int rc;

  163. 

  164. 	/* Create image name if it doesn't already have one */

  165. 	if ( ! image->name ) {

  166. 		snprintf ( name, sizeof ( name ), "img%d", imgindex++ );

  167. 		if ( ( rc = image_set_name ( image, name ) ) != 0 )

  168. 			return rc;

  169. 	}

  170. 

  171. 	/* Avoid ending up with multiple "selected" images on

  172. 	 * re-registration

  173. 	 */

  174. 	if ( image_find_selected() )

  175. 		image->flags &= ~IMAGE_SELECTED;

  176. 

  177. 	/* Add to image list */

  178. 	image_get ( image );

  179. 	image->flags |= IMAGE_REGISTERED;

  180. 	list_add_tail ( &image->list, &images );

  181. 	DBGC ( image, "IMAGE %s at [%lx,%lx) registered\n",

  182. 	       image->name, user_to_phys ( image->data, 0 ),

  183. 	       user_to_phys ( image->data, image->len ) );

  184. 

  185. 	return 0;

  186. }

  187. 

  188. /**

  189.  * Unregister executable image

  190.  *

  191.  * @v image		Executable image

  192.  */

  193. void unregister_image ( struct image *image ) {

  194. 

  195. 	DBGC ( image, "IMAGE %s unregistered\n", image->name );

  196. 	list_del ( &image->list );

  197. 	image->flags &= ~IMAGE_REGISTERED;

  198. 	image_put ( image );

  199. }

  200. 

  201. /**

  202.  * Find image by name

  203.  *

  204.  * @v name		Image name

  205.  * @ret image		Executable image, or NULL

  206.  */

  207. struct image * find_image ( const char *name ) {

  208. 	struct image *image;

  209. 

  210. 	list_for_each_entry ( image, &images, list ) {

  211. 		if ( strcmp ( image->name, name ) == 0 )

  212. 			return image;

  213. 	}

  214. 

  215. 	return NULL;

  216. }

  217. 

  218. /**

  219.  * Determine image type

  220.  *

  221.  * @v image		Executable image

  222.  * @ret rc		Return status code

  223.  */

  224. int image_probe ( struct image *image ) {

  225. 	struct image_type *type;

  226. 	int rc;

  227. 

  228. 	/* Succeed if we already have a type */

  229. 	if ( image->type )

  230. 		return 0;

  231. 

  232. 	/* Try each type in turn */

  233. 	for_each_table_entry ( type, IMAGE_TYPES ) {

  234. 		if ( ( rc = type->probe ( image ) ) == 0 ) {

  235. 			image->type = type;

  236. 			DBGC ( image, "IMAGE %s is %s\n",

  237. 			       image->name, type->name );

  238. 			return 0;

  239. 		}

  240. 		DBGC ( image, "IMAGE %s is not %s: %s\n", image->name,

  241. 		       type->name, strerror ( rc ) );

  242. 	}

  243. 

  244. 	DBGC ( image, "IMAGE %s format not recognised\n", image->name );

  245. 	return -ENOEXEC;

  246. }

  247. 

  248. /**

  249.  * Execute image

  250.  *

  251.  * @v image		Executable image

  252.  * @ret rc		Return status code

  253.  *

  254.  * The image must already be registered.  Note that executing an image

  255.  * may cause it to unregister itself.  The caller must therefore

  256.  * assume that the image pointer becomes invalid.

  257.  */

  258. int image_exec ( struct image *image ) {

  259. 	struct image *saved_current_image;

  260. 	struct image *replacement;

  261. 	struct uri *old_cwuri;

  262. 	int rc;

  263. 

  264. 	/* Sanity check */

  265. 	assert ( image->flags & IMAGE_REGISTERED );

  266. 

  267. 	/* Check that this image can be selected for execution */

  268. 	if ( ( rc = image_select ( image ) ) != 0 )

  269. 		return rc;

  270. 

  271. 	/* Check that image is trusted (if applicable) */

  272. 	if ( require_trusted_images && ! ( image->flags & IMAGE_TRUSTED ) ) {

  273. 		DBGC ( image, "IMAGE %s is not trusted\n", image->name );

  274. 		return -EACCES_UNTRUSTED;

  275. 	}

  276. 

  277. 	/* Switch current working directory to be that of the image itself */

  278. 	old_cwuri = uri_get ( cwuri );

  279. 	churi ( image->uri );

  280. 

  281. 	/* Preserve record of any currently-running image */

  282. 	saved_current_image = current_image;

  283. 

  284. 	/* Take out a temporary reference to the image.  This allows

  285. 	 * the image to unregister itself if necessary, without

  286. 	 * automatically freeing itself.

  287. 	 */

  288. 	current_image = image_get ( image );

  289. 

  290. 	/* Record boot attempt */

  291. 	syslog ( LOG_NOTICE, "Executing \"%s\"\n", image->name );

  292. 

  293. 	/* Try executing the image */

  294. 	if ( ( rc = image->type->exec ( image ) ) != 0 ) {

  295. 		DBGC ( image, "IMAGE %s could not execute: %s\n",

  296. 		       image->name, strerror ( rc ) );

  297. 		/* Do not return yet; we still have clean-up to do */

  298. 	}

  299. 

  300. 	/* Record result of boot attempt */

  301. 	if ( rc == 0 ) {

  302. 		syslog ( LOG_NOTICE, "Execution of \"%s\" completed\n",

  303. 			 image->name );

  304. 	} else {

  305. 		syslog ( LOG_ERR, "Execution of \"%s\" failed: %s\n",

  306. 			 image->name, strerror ( rc ) );

  307. 	}

  308. 

  309. 	/* Pick up replacement image before we drop the original

  310. 	 * image's temporary reference.  The replacement image must

  311. 	 * already be registered, so we don't need to hold a temporary

  312. 	 * reference (which would complicate the tail-recursion).

  313. 	 */

  314. 	replacement = image->replacement;

  315. 	if ( replacement )

  316. 		assert ( replacement->flags & IMAGE_REGISTERED );

  317. 

  318. 	/* Drop temporary reference to the original image */

  319. 	image_put ( image );

  320. 

  321. 	/* Restore previous currently-running image */

  322. 	current_image = saved_current_image;

  323. 

  324. 	/* Reset current working directory */

  325. 	churi ( old_cwuri );

  326. 	uri_put ( old_cwuri );

  327. 

  328. 	/* Tail-recurse into replacement image, if one exists */

  329. 	if ( replacement ) {

  330. 		DBGC ( image, "IMAGE <freed> replacing self with IMAGE %s\n",

  331. 		       replacement->name );

  332. 		if ( ( rc = image_exec ( replacement ) ) != 0 )

  333. 			return rc;

  334. 	}

  335. 

  336. 	return rc;

  337. }

  338. 

  339. /**

  340.  * Set replacement image

  341.  *

  342.  * @v replacement	Replacement image

  343.  * @ret rc		Return status code

  344.  *

  345.  * The replacement image must already be registered, and must remain

  346.  * registered until the currently-executing image returns.

  347.  */

  348. int image_replace ( struct image *replacement ) {

  349. 	struct image *image = current_image;

  350. 	int rc;

  351. 

  352. 	/* Sanity check */

  353. 	assert ( replacement->flags & IMAGE_REGISTERED );

  354. 

  355. 	/* Fail unless there is a currently-executing image */

  356. 	if ( ! image ) {

  357. 		rc = -ENOTTY;

  358. 		DBGC ( replacement, "IMAGE %s cannot replace non-existent "

  359. 		       "image: %s\n", replacement->name, strerror ( rc ) );

  360. 		return rc;

  361. 	}

  362. 

  363. 	/* Check that the replacement image can be executed */

  364. 	if ( ( rc = image_probe ( replacement ) ) != 0 )

  365. 		return rc;

  366. 

  367. 	/* Clear any existing replacement */

  368. 	image_put ( image->replacement );

  369. 

  370. 	/* Set replacement */

  371. 	image->replacement = image_get ( replacement );

  372. 	DBGC ( image, "IMAGE %s will replace self with IMAGE %s\n",

  373. 	       image->name, replacement->name );

  374. 

  375. 	return 0;

  376. }

  377. 

  378. /**

  379.  * Select image for execution

  380.  *

  381.  * @v image		Executable image

  382.  * @ret rc		Return status code

  383.  */

  384. int image_select ( struct image *image ) {

  385. 	struct image *tmp;

  386. 	int rc;

  387. 

  388. 	/* Unselect all other images */

  389. 	for_each_image ( tmp )

  390. 		tmp->flags &= ~IMAGE_SELECTED;

  391. 

  392. 	/* Check that this image can be executed */

  393. 	if ( ( rc = image_probe ( image ) ) != 0 )

  394. 		return rc;

  395. 

  396. 	/* Mark image as selected */

  397. 	image->flags |= IMAGE_SELECTED;

  398. 

  399. 	return 0;

  400. }

  401. 

  402. /**

  403.  * Find selected image

  404.  *

  405.  * @ret image		Executable image, or NULL

  406.  */

  407. struct image * image_find_selected ( void ) {

  408. 	struct image *image;

  409. 

  410. 	for_each_image ( image ) {

  411. 		if ( image->flags & IMAGE_SELECTED )

  412. 			return image;

  413. 	}

  414. 	return NULL;

  415. }

  416. 

  417. /**

  418.  * Change image trust requirement

  419.  *

  420.  * @v require_trusted	Require trusted images

  421.  * @v permanent		Make trust requirement permanent

  422.  * @ret rc		Return status code

  423.  */

  424. int image_set_trust ( int require_trusted, int permanent ) {

  425. 

  426. 	/* Update trust requirement, if permitted to do so */

  427. 	if ( ! require_trusted_images_permanent ) {

  428. 		require_trusted_images = require_trusted;

  429. 		require_trusted_images_permanent = permanent;

  430. 	}

  431. 

  432. 	/* Fail if we attempted to change the trust requirement but

  433. 	 * were not permitted to do so.

  434. 	 */

  435. 	if ( require_trusted_images != require_trusted )

  436. 		return -EACCES_PERMANENT;

  437. 

  438. 	return 0;

  439. }